Skip to main content

Who is this article for?

Code42 for EnterpriseSee product plans and features
CrashPlan for Small Business 

CrashPlan for Small Business, no.

Code42 for Enterprise, yes.

Link: Product plans and features.

This article applies to Cloud.

Other available versions:

Versions 6 and 7 | Version 5 | Version 4Link: What version am I on?

Code42 Support

Alerts reference

Who is this article for?

Code42 for EnterpriseSee product plans and features
CrashPlan for Small Business 

CrashPlan for Small Business, no.

Code42 for Enterprise, yes.

Link: Product plans and features.

This article applies to Cloud.

Other available versions:

Versions 6 and 7 | Version 5 | Version 4Link: What version am I on?

Overview

Code42 Alerts give you an overview of the different alerts and alert rules you have in your Code42 environment to let you know when important data may be leaving your company.

This article is a reference guide with detailed descriptions of each item in Code42's Alerts. For information on creating and configuring security alerts, see How to create and review alerts.

Considerations

Alerts

To view alerts:

  1. Sign in to the administration console.
  2. Select Alerts > Review Alerts

Review Alerts

Review Alerts tab of Alerts

Item Description
a Create Rule Click to create a new rule to alert you when important data may be leaving your company.
b Review Alerts

Displays all of your alerts for the selected filters. 

c Manage Rules Displays all the security alert rules that have been created. For more information, see Manage Rules below.
d Filter types

Select to filter your view of alerts by the following: 

 

Event

  • Date Observed - date the alert was triggered

Alert User

  • User Name

Alert

The alert filters are based on options you selected or entered when creating the rule for the alert.

  • Severity - Low, Medium, or High
  • Alert Name
  • Description
  • Alert State (default filter) - Open or Dismissed
  • Alert ID - Used by Code42 to present filtered results from alert notification emails
e Operator

Search operator options vary based on search type.

  • Single value
    • Is: Returns alerts that match the criteria
    • Is not: Excludes alerts that match the criteria
    • Contains: Includes alerts that match the criteria.
    • Does not contain: Excludes alerts that match the criteria.
    • On: Returns alerts triggered on this date
    • On or after: Returns alerts triggered on or after this date
    • On or before: Returns alerts triggered on or before this date
    • Between: Returns alerts triggered between these dates
  • Multi-value (OR)
    • Is either: Returns alerts that match any item in the list of criteria. This filter is evaluated as though the "OR" operator exists between each value.
    • Is neither: Returns alerts that do not match the items included in the list of criteria.
f Criteria

Defines the criteria for the search.

 

For multi-value searches (Is either or Is neither), enter each value on a separate line. Do not enter a comma-separated list.

 

Wildcards are not supported.

g Remove filter Removes this filter.
h Add filter Adds another filter. Results only return events that match all filters.
i Select all Click to select all alerts and present an action button (Reopen or Close). Perform the action to all selected alerts at once.
j Column sort Column sort icon Click the up arrow to sort results by this column in ascending order. Click the down arrow to sort in descending order.
k Expand/collapse event details Details arrow Expands or collapses all alert details.
l Actions

Use this column to dismiss or reopen alerts. 

  • Close: Dismisses this individual alert from the list of open alerts. To stop all alerts for this specific activity, select the Manage Rules tab and disable the alert. 
  • Reopen: Adds this alert back to the list of open alerts.
m

Alerts per page

Select to display 10 or 25 alerts per page.

Manage Rules

To add or edit alert rules:

  1. Sign in to the administration console.
  2. Select Alerts > Manage Rules

Manage Rules tab of Alerts

Item Description
a Create Rule Click to create a new rule that you can use to alert you when important data may be leaving your company.
b Review Alerts

Displays all of your alerts for the selected filters. For more information, see Review Alerts above.

c Manage Rules Displays all the security alert rules you have created. 
d Rule Name Name entered for the alert when it was created.
e Severity Severity of the alert that was selected when the alert was created.
f Created On Date the alert was created.
g Last Modified On Date the alert was last changed. 
h Enable

Click to enable or disable alert rules.

  • Enable: Allows the rule to notify of you of potential file exfiltration based on its settings. 
  • Disable: Stops the alert from firing for all users that were added to the rule. The alert will no longer generate new notifications on the Review Alerts tab.
i Column sort Hover over any column header to see the sort option. Click the up arrow to sort results by this column in ascending order. Click the down arrow to sort in descending order.
j Departing Employees badge Indicates a rule that is created by default for departing employees when they are added to the Departing Employees application
k Locked settingLocked setting Indicates that you cannot enable or disable this alert here. This rule is for the Departing Employees application and can be enabled or disabled from Detection > Departing Employees > Alert Settings.
l Edit Click to edit an alert rule. For information on the values you can change, see How to create and review alerts
m Options Click to duplicate an existing alert rule or to delete an alert rule.
n Rules per page Select to display 5, 10, 25 rules per page.
o Pagination Click right and left arrows to scroll through pages of rules.